Skip to content

Fix documentation deployment (switch to HTTPS via GITHUB_TOKEN) #142

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
Cardoza2 merged 2 commits into from
Mar 27, 2026
Merged

Fix documentation deployment (switch to HTTPS via GITHUB_TOKEN) #142

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
d85b063
documentation fix, ignore claude files
Cardoza2 Mar 27, 2026
082f193
Apply suggestion from @Copilot
Cardoza2 Mar 27, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 8 additions & 4 deletions .github/workflows/Documentation.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,16 +13,20 @@ jobs:
contents: write
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: julia-actions/setup-julia@v1
- uses: actions/checkout@v4
- uses: julia-actions/setup-julia@v2
with:
version: '1'
- name: Install dependencies
env:
PYTHON: ""
run: julia --project=docs/ -e 'using Pkg; Pkg.develop(PackageSpec(path=pwd())); Pkg.instantiate()'
- name: Build and deploy
# Deployment uses GITHUB_TOKEN (HTTPS). No SSH deploy key required.
# The contents: write permission above grants GITHUB_TOKEN push access to gh-pages.
# Deployment is skipped on pull requests; docs are still built to catch errors.
if: github.event_name != 'pull_request'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # If authenticating with GitHub Actions token
DOCUMENTER_KEY: ${{ secrets.DOCUMENTER_KEY }} # If authenticating with SSH deploy key
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
PYTHON: ""
Copy link

Copilot AI Mar 27, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Because this workflow runs on pull_request and the job requests contents: write, a PR from a branch in the same repo would execute untrusted code with a write-capable GITHUB_TOKEN. Consider restructuring into two jobs: a PR-safe build job with read-only permissions, and a deploy job (push/tag only) that has contents: write and pushes to gh-pages. This also aligns with separating build vs deploy logic.

Copilot uses AI. Check for mistakes.
run: julia --project=docs/ docs/make.jl
4 changes: 3 additions & 1 deletion .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,4 +6,6 @@ Manifest.toml
.DS_Store
.vscode
*/Manifest.toml
docs/build/
docs/build/
*claude.md
*.claude
Loading